I find that Payment News is a good blog to keep an eye on if your interested in identity issues.
For example today I learn that The Office of the Comptroller of the Currency might actually be a place with the regulatory muscle to do something useful:
The Office of the Comptroller of the Currency … has issued guidance describing response programs, including customer notice, for security breaches (PDF) that involve unauthorized access to customer information.
I have no idea exactly what the regulatory reach of the Comptroller of the Currency actually is. I doubt it reaches the firms traffic in aggregated credit, marketing, and medical profiles of us all.
One of the leaders in the profiling business is a company called Fair Isaac. For example one of their businesses is selling the tools credit card companies use to notice possible fraudulent patterns in the transaction streams. I assume they are the ones to thank when I get a phone call shortly after my daughter first uses her credit card after landing in Japan.
My model of these profile building companies is that they are architecturally ambivalent about their relationship with the people they are profiling. Two reasons for that. First off they are basicly in the business of selling gossip, so they have trouble framing the relationship in a socially acceptable way. Second off, their primary customer trusts them more if they maintainn a degree of distance from those who they are profiling.
So it’s interesting that Fair Isaac has been doing a number of things to publicize the FICO (aka your credit score) as if to make it part of their product line. Don’t you just love that name? “Fair Isaac”
Then we have this delightfully jab:
“Most banks spend more on washing windows than on money lost to phishing,” said Jim Bruene, editor of the Online Banking Report